‘Securing systems is something you do together’
Leiden University wants to increase the security of its systems. That is why since 1 May the ‘sneakers team’ has been making many miles through our buildings. This team with various specialists will map all measuring and research systems. Today Roland van Dam introduces himself, he is the project manager of the team.
‘Our team is going to make an inventory of all measurement and research systems within the University. We will start with the Faculty of Science, because they have the most systems there. I have a background in IT and Security. I studied physics, so I am very pleased that we are starting at Leiden Science.
Quite a job
As a team we are really looking forward to it. Although it is quite a job, we know that we will be confronted with a very diverse landscape. The research areas differ enormously from one another. This is already the case within the Faculty of Science, let alone within the entire University.
Getting an overview of all systems
Our goal is to provide a complete picture of all research and measurement systems. This will enable Leiden University to better organise and manage information security. We will also provide an overview of systems of which the information security needs attention.
Of course, such a project during a pandamic is not self-evident. On the other hand, we have all become increasingly adept at working online and dealing with all the corona measures. We are getting better at working remotely.. But working online has its limitations, so we would also like to speak to the researchers in person and see their equipment.
An open and secure university
The challenge is that, as a university, on the one hand, you want to be open and share your knowledge and data. But on the other hand, you want to do this safely. This involves all sorts of things, such as legislation, expectations of grant providers or agreements on collaboration. It is difficult to balance all this.
That is why it is good to have an overview of the systems you are using now and in the future and to look at them together. What are the agreements, where are the issues and how should we deal with these? Our team looks at this from the perspective of legislation and regulations, but also from the perspectives of technology, processes and people.
Don't leave the door open
An integral approach to information security is essential. Suppose that everything is well organized and the systems are secure. But one employee does not lock his computer. In that case it doesn’t matter how well your systems are secured: actions like this will leave the door wide open. It is important that every employee realises that by doing so they could endanger not only their own research group and those of others.
Work safely, also for your colleagues
This also applies to the security of your systems. This is important for your own research, but also for the work of your colleagues. Because criminals might get in via your systems and hack into the data of other research groups. This can have far-reaching consequences: years of research will be ruined and your own image, as well of that of the entire University, will be damaged.
Everyone wants to work safely. But how do you do it?
Everyone wants to work safely. You don't work unsafely on purpose, and sometimes you just don't know how to do it safely. Our team is there to help. We can show where the risks are and what a possible solution might be. This allows research groups to decide which risk areas to tackle and in what order. It is important that everyone realises that you are part of a greater whole and that you have to keep it safe together. Things can go wrong very quickly, as we recently saw in Maastricht and at NWO.
That's why we want to do this together with the employees. We ask questions and tell them what we notice. And we can advise you on how to find solutions. But in the end, people are the key. Security only works if you do it together.’
Want to know who else is in the Sneakers team? You can read all about it in the news item about the announcement of this project.